You are here

Exploitation

In this post, I will be talking about an interesting bug that affects Google Blogger. This security bug has been left undiscovered since almost 2007. The bug allows an attacker to trick the victim into revealing his email address using UI-Redressing techniques.

NoScript Security Suite is a powerful security add-on for Firefox, Seamonkey and other Mozilla-based browsers. Its main task is to block Javascript, Flash, Java, as well as many other plugins from executing untrusted code on the user’s browser through blocking it and only allowing certain trusted whitelisted sites.

This paper discusses different techniques that an attacker can use to bypass NoScript Security Suite Protection. These techniques can be used by malicious vectors in bypassing the default installation of NoScript. The paper also provides solutions and recommendations for end-users that can enhances the current protection of NoScript Security Suite.

Electromagnetic radio frequency emitters are common and are used legitimately in everyday applications such as wireless communications and Global Positioning Systems. It is also common that the electromagnetic energy that RF emitters produce will affect other electronic devices, called electromagnetic interference (EMI). An example is using a walkie talkie near a television. The signal is picked up by the television's antenna and distorts the picture. If RF emitters are used to purposely disrupt electronics, they then become a weapon. They are more powerful and therefore cause more damage than ordinary RF emitters. In this paper, I will discuss this type of weapon further, how it might be used, and why an attacker would consider this technology as a weapon. This discussion will be limited to the security threats of everyday private sector systems, and will not delve into the realm of its use for the purpose of war.